I’ve spent a good year working on a security strategy to manage multi-cloud environments, in this article I want to share what I wish we did in advance to be better prepared.| cloudberry.engineering
Securing containers is a complex task. The problem space is broad, vendors are on fire, there are tons of checklists and best practices and it’s hard to prioritize solutions. So if you had to implement a container security strategy where would you start?| cloudberry.engineering
Identity and Access Management (IAM) is an important piece of the cloud puzzle and it’s usually a source of headaches from a security point of view. Let’s try to give some pointers from a blue team perspective. If you are a security team that just inherited a bunch of Google Cloud Platform (GCP) accounts, this guide is for you.| cloudberry.engineering
Service Accounts in Google Cloud Platform (GCP) are the main vector to hack an account: it’s easy to use them wrong and end up with a compromised key and a lot of headaches.| cloudberry.engineering
Google Cloud Registry (GCR) is the Docker container registry offered by Google Cloud Platform (GCP). Under the hood it’s an interface on top of Google Cloud Storage (GCS), and it’s so thin that access control is entirely delegated to the storage layer.| cloudberry.engineering